Handle URL encode and decode

commit: 695151d4db413f4a076e5421bfbd6fb2c005265b [log] [tgz]
author: Tom Chiverton <falken@wopr.house> Wed Mar 25 18:29:48 2015 +0000
committer: Erik de Bruin <erik@ixsoftware.nl> Wed Mar 25 19:41:42 2015 +0100
tree: e13b8abdd4b791fcab89ed59cd65a6e40ca61da1
parent: 120d9c8db22902d48bec47dd19161aef9892a088 [diff]
diff --git a/asdoc/templates/index.html b/asdoc/templates/index.html
index f970930..b9e46cd 100644
--- a/asdoc/templates/index.html
+++ b/asdoc/templates/index.html

@@ -20,6 +20,17 @@
     <script language="javascript" type="text/javascript">
     	<!--
         window.onload=function(){
+            "use strict";
+            var d2=decodeURIComponent(document.location.search).toLowerCase();
+            if(
+                    d2.indexOf('javascript:') > -1 ||
+                    d2.indexOf('//') > -1 ||
+                    d2.indexOf('..') > -1 ||
+                    d2.indexOf(':') > -1
+            ){
+                    return;
+            }
+
             var d=document.location.search;
 			var args=d.substring(d.lastIndexOf('?')+1,d.length);
 			var classFrameContent=args;
commit	695151d4db413f4a076e5421bfbd6fb2c005265b	[log] [tgz]
author	Tom Chiverton <falken@wopr.house>	Wed Mar 25 18:29:48 2015 +0000
committer	Erik de Bruin <erik@ixsoftware.nl>	Wed Mar 25 19:41:42 2015 +0100
tree	e13b8abdd4b791fcab89ed59cd65a6e40ca61da1
parent	120d9c8db22902d48bec47dd19161aef9892a088 [diff]